Ubuntu-ssh - - WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED

SshOpenssh

Ssh Problem Overview

I'm unable to ssh and rysnc to a remote system. It keeps giving this error message:

WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     
      
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
a3:8f:7c:07:c9:12:d8:aa:cd:c2:ba:b3:27:68:bc:c2.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending RSA key in /root/.ssh/known_hosts:8
RSA host key for xxx.xxx.xxx.xxx has changed and you have requested strict checking.
Host key verification failed.
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: unexplained error (code 255) at io.c(601) [sender=3.0.8]

I've removed authorized_keys file from /home/user/.ssh.

Ssh Solutions

Solution 1 - Ssh

use the following command which removes the old keys from .ssh/known_hosts file

ssh-keygen -R <host>

Solution 2 - Ssh

The message says "/root/.ssh/known_hosts" not authorized_keys. Remove that file (or at least the corresponding key) from it and you can go again! But be aware that: There must be a reason why the key changed. Was the system reinstalled? Make sure you check that or the whole idea of ssh is void.

BTW.: Is there a reason you ssh as root?

Solution 3 - Ssh

The message does explain itself:

  • The remote host identified itself with a key
  • Your previous copy of the key for that host is different
  • So there is a chance that the remote host is not who they say they are

If you trust the remote host, you can delete line 8 from your /root/.ssh/known_hosts and ssh will ask you if it can add the new key next time you try to connect

If you don't trust the remote host, you have to contact the host administrators to find out if and why they changed ssh keys. If they haven't it means your traffic is being intercepted

On the other hand, if you really really trust the remote host (eg it is on an intranet), you can run ssh with

-oBatchMode=yes -oStrictHostKeyChecking=no

Solution 4 - Ssh

You can use sed to remove the offending key at line 8 from your known_hosts file:

sed -i -e 8d /root/.ssh/known_hosts

Solution 5 - Ssh

Just do this:

mv .ssh/known_hosts .ssh/known_hosts_old
Categories
Recommended Ssh Solutions
Recommended Openssh Solutions

Previous Solution:

Role does not exist and unable to create database when using PostgreSQL

Ruby on-RailsRubyRuby on-Rails-3Postgresql

Next Solution:

What does ~ mean in the YML configuration file in Symfony 2?

SymfonyYaml

Attributions

All content for this solution is sourced from the original question on Stackoverflow.

The content on this page is licensed under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Content TypeOriginal AuthorOriginal Content on Stackoverflow
QuestionThiyagarajan VaradharajView Question on Stackoverflow
Solution 1 - SshTalespin_KitView Answer on Stackoverflow
Solution 2 - SshNikodemus RIPView Answer on Stackoverflow
Solution 3 - SshAlftheoView Answer on Stackoverflow
Solution 4 - SshPierzView Answer on Stackoverflow
Solution 5 - Sshuser1421092View Answer on Stackoverflow